Internet security experts warn that there is no quick way to counter the malicious virus programs used by hackers to steal thousands of dollars from customers' bank accounts.
The warning follows an order by the Monetary Authority on Monday demanding that banks step up online banking security after three clients, from two banks, lost HK$289,000 between April and June from unauthorised online transactions. Eight banks have reported being targeted.
The customers who lost money were believed to have accessed their online banking accounts using personal computers infected with Trojan horse programs that record keystrokes and send the information to a hacker. The hacker then logged in to the account using the stolen usernames and passwords.
A one-time password - generated by a security device given by the bank or sent as a text message - to authenticate transactions was also intercepted in the same manner and enabled hackers to transfer the money.
Roy Ko Wai-tak, manager of the Computer Emergency Response Team Co-ordination Centre, said the attacks were most likely launched by organised cyber criminals targeting specific bank clients.
He said the technique had 'conceptually and practically' compromised the double authentication process used by banks.